Atty. reference: LIE 177 



CLAIM AMENDMENTS: 

Please amend the claims as follows: 

1. (Currently amended) A searching method for a Security Policy 
Database comprising: 

building a peer table, wherein the peer table includes fields of peer 
identification, address, prefix, and type; 

building a set of peer-based Security Policy [[Database]] Databases 
composed of a plurality of peer-based Security Policy Databases; 

searching the peer table, and then comparing the Security Policy Database 
set with the field of address of the peer table so as to obtain a corresponding 
peer-based Security Policy Database; and 

searching the corresponding peer-based Security Policy Database so as to 
obtain a security policy. 

2. (Original) The searching method of claim 1, wherein the step of 
building a peer table further comprises the step of building at least two data in the 
peer table according to a peer gateway; according to one set of peer gateway, at 
least two sets of data are built in the peer table. 

3. (Original) The searching method of claim 2, wherein one of the two 
data is an internal network/local area network (LAN) data, the other is an external 
network/wide area network (WAN) data; one of the two sets of data is a set of 
internal network/local area network (LAN) data and the other is a set of external 
network/wide area network (WAN) data. 

4. (Original) The searching method of claim 3, wherein each of the 
internal network/local area network (LAN) data and the external network/wide area 
network (WAN) data comprises a peer identification, an address, a type and a 
prefix; the peer identification represents the peer gateway; the address is a 
network address; the type is an internal network/local area network (LAN) section 
type, an external network/wide area network (WAN) address type or both; the 
prefix is the number of the bits for comparing the address. 

5. (Original) The searching method of claim 4, the address included in 
the internal network/local area network (LAN) data is an internal network/local 
area network (LAN) section. 

6. (Original) The searching method of claim 4, the address included in 
the external network/wide area network (WAN) data is an external network/wide 
area network (WAN) address. 

7. (Original) The searching method of claim 1, wherein the step of 
building a peer table further comprises the step of building data in the peer table 
according to a default peer gateway; the data comprises a peer identification; an 
address, a type and a prefix; the peer identification is 0, the address is 0, the type 
is B, and the prefix is 0. 

8. (Original) The searching method of claim 1, wherein the step of 
building a set of peer-based Security Policy Database further comprises the step 
of building a peer-based Security Policy Database according to a peer gateway for 
storing a security policy relating to the peer gateway; according to a plurality of 
peer gateways, a plurality of peer-based Security Policy Databases are built. 

9. (Original) The searching method of claim 1, wherein the step of 
building a set of peer-based Security Policy Database further comprises a step of 
building a default peer-based Security Policy Database according to a default peer 
gateway for storing the security policy relating to the default peer gateway. 

10. (Original) The searching method of claim 8, wherein the step of 
building the peer-based Security Policy Database according to a peer gateway is 
according to a selector of a security policy, and the selector is a source address or 
a destination address. 

11. (Original) The searching method of claim 9, the security policy 
relating to the default peer gateway is a by-pass security policy or a discard 
security policy. 

12. (Original) The searching method of claim 1, wherein step of building 
a set of peer-based Security Policy Database further comprises a method for 
adding-in a security policy, the method comprises: 

adding the security policy in the set of peer-based Security Policy Database 
according to a selector. 

13. (Original) The searching method of claim 12, wherein the selector is 
a source address or destination address. 

14. (Original) The searching method of claim 1, wherein the step of 
building a set of peer-based Security Policy Database further comprises a method 
for deleting a security policy, the method comprises: 

deleting the security policy from the set of peer-based Security Policy 
Database according to a selector. 

15. (Original) The searching method of claim 14, wherein the selector is 
a source address or destination address. 

16. (Original) The searching method of claim 1, wherein the step of 
searching the peer table further comprises a step of comparing a packet and the 
peer table. 

17. (Currently amended) The searching method of claim 16, wherein the 
packet is an inbound [[IPSec]] IPsec packet in tunnel mode; the comparing step is 
used for comparing the source address of the outer header of the inbound 
[[IPSec]] IPsec packet in tunnel mode and the external network/wide area network 
(WAN) address of the peer table. 

18. (Currently amended) The searching method of claim 16, wherein the 
packet is an inbound [[IPSec]] IPsec packet in transport mode; the comparing step 
is used for comparing the source address of the inbound [[IPSec]] IPsec packet in 
transport mode and the external network/wide area network (WAN) address of the 
peer table. 

19. (Original) The searching method of claim 16, wherein the packet is 
an inbound IP packet; the comparing step is used for comparing the source 
address of the inbound IP packet with the internal network/local area network 
(LAN) section of the peer table. 

20. (Original) The searching method of claim 16, wherein the packet is 
an outbound IP packet; the comparing step is used for comparing the destination 
address of the outbound IP packet with the internal network/local area network 
(LAN) section of the peer table. 

21. (Original) The searching method of claim 1, wherein the step of 
searching the peer-based Security Policy Database comprises a step for 
comparing a packet and the peer-based Security Policy Database. 

22. (Currently amended) The searching method of claim 21, wherein the 
packet is an inbound [[IPSec]] IPsec packet in tunnel mode; the comparing step is 
used for comparing the inner header of the inbound [[IPSec]] IPsec packet in 
tunnel mode with the selector of the security policy of the peer-based Security 
Policy Database. 

23. (Currently amended) The searching method of claim 21, wherein the 
packet is an inbound [[IPSec]] IPsec packet in transport mode; the comparing 
step is used for comparing the header of the inbound [[IPSec]] IPsec packet in 
transport mode with the selector of the security policy of the peer-based Security 
Policy Database. 

24. (Original) The searching method of claim 21, wherein the packet is 
an inbound IP packet; the comparing step is used for comparing the header of the 
inbound IP packet with the selector of the security policy of the peer-based 
Security Policy Database. 

25. (Original) The searching method of claim 21, wherein the packet is 
an outbound IP packet; the comparing step is used for comparing the header of 
the outbound IP packet with the selector of the security policy of the peer-based 
Security Policy Database. 
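
The two-stage search recited in claims 1, 7, 17, 19, 20, 22, 24 and 25, as an added illustration that is not part of the filing. The type codes "L" and "W", the policy names, the sample addresses, and the most-specific-row tie-break are assumptions; only the default row (0, 0, B, 0) comes from claim 7.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class PeerEntry:
    peer_id: int
    address: str
    prefix: int  # number of address bits compared (claim 4)
    type: str    # "L" = LAN section, "W" = WAN address (assumed codes); "B" = both

# Constructed sample data: two peer gateways, two rows each (claim 2),
# plus the default peer gateway row of claim 7.
PEER_TABLE = [
    PeerEntry(1, "192.168.10.0", 24, "L"), PeerEntry(1, "203.0.113.7", 32, "W"),
    PeerEntry(2, "192.168.20.0", 24, "L"), PeerEntry(2, "198.51.100.9", 32, "W"),
    PeerEntry(0, "0.0.0.0", 0, "B"),
]
# One SPD per peer gateway (claim 8): list of (selector, policy), constructed.
SPD_SET = {
    1: [("192.168.10.0/24", "protect")],
    2: [("192.168.20.0/24", "protect")],
    0: [("0.0.0.0/0", "discard")],  # default SPD: by-pass or discard (claim 11)
}

def find_peer(addr, wanted_type):
    # Stage 1: compare addr with the address field of rows of the wanted type.
    ip = ipaddress.ip_address(addr)
    hits = [e for e in PEER_TABLE
            if e.type in (wanted_type, "B")
            and ip in ipaddress.ip_network(f"{e.address}/{e.prefix}")]
    # Assumption: the most specific row wins, so the prefix-0 row is a fallback.
    return max(hits, key=lambda e: e.prefix).peer_id

def search_spd(peer_id, selector_addr):
    # Stage 2: search only the SPD that belongs to the matched peer.
    ip = ipaddress.ip_address(selector_addr)
    for selector, policy in SPD_SET[peer_id]:
        if ip in ipaddress.ip_network(selector):
            return policy
    return None  # no policy for this packet in that peer's SPD

def lookup(kind, src, dst, outer_src=None):
    if kind == "ipsec_tunnel_in":  # claims 17 and 22: outer source, inner header
        return search_spd(find_peer(outer_src, "W"), src)
    if kind == "ip_in":            # claims 19 and 24: source vs LAN section
        return search_spd(find_peer(src, "L"), src)
    if kind == "ip_out":           # claims 20 and 25: destination vs LAN section
        return search_spd(find_peer(dst, "L"), dst)
    raise ValueError(kind)
```

In this sketch a tunnel-mode packet arriving from peer 1's WAN address with an inner source in peer 2's LAN section finds no policy, because only peer 1's database is searched.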